package com.lianxi.config;

import com.lianxi.handler.MyAuthenticationEntryHandler;
import com.lianxi.handler.MyAuthenticationFailureHandler;
import com.lianxi.handler.MyAuthenticationSuccessHandler;
import com.lianxi.service.serviceImpl.LoginServiceImpl;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;

import java.util.Arrays;

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private LoginServiceImpl loginService;

    @Autowired
    private MyAuthenticationSuccessHandler customizeSuccessHandler;

    @Autowired
    private MyAuthenticationFailureHandler customizeFailureHandler;

    @Autowired
    private MyAuthenticationEntryHandler myAuthenticationEntryHandler;

    @Autowired
    private PasswordEncoder passwordEncoder;


    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        //从数据库读取用户信息,并且加密
        auth.userDetailsService(loginService).passwordEncoder(passwordEncoder);
    }

    //加密类
    @Bean
    public PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder();
    }


    @Override
    protected void configure(HttpSecurity http) throws Exception{
        http.authorizeRequests()
                .antMatchers("/login","/gethotlist","/getcateartnum","/getallarticle","/","/register","/v2/api-docs", "/swagger-resources/configuration/ui",
                        "/swagger-resources", "/swagger-resources/configuration/security",
                        "/swagger-ui.html", "/webjars/**","/images/**","/getartbyid/**").permitAll()
                .anyRequest()//其余链接需要验证
                .authenticated() //受否被验证
                .and()
                .formLogin() // 使用默认的登录页面
                .successHandler(customizeSuccessHandler)
                .failureHandler(customizeFailureHandler)
                .and()
                .exceptionHandling()
                //没有登录的情况
                .authenticationEntryPoint(myAuthenticationEntryHandler)
                .and()
                .csrf()
                .disable()
                //开启跨域
                .cors()
                .configurationSource(corsConfigurationSource());// post请求要关闭csrf验证,不然访问报错；实际开发中开启，需要前端配合传递其他参数
    }
        //跨域配置
    @Bean
    CorsConfigurationSource corsConfigurationSource(){
        CorsConfiguration corsConfiguration=new CorsConfiguration();
        corsConfiguration.setAllowedHeaders(Arrays.asList("*"));
        corsConfiguration.setAllowedMethods(Arrays.asList("*"));
        //源地址是后端请求过来的地址
        corsConfiguration.setAllowedOrigins(Arrays.asList("http://localhost:8091"));

        corsConfiguration.setAllowCredentials(true);
        corsConfiguration.setMaxAge(3600L);
        UrlBasedCorsConfigurationSource source=new UrlBasedCorsConfigurationSource();
        //所有的请求都允许跨域
        source.registerCorsConfiguration("/**",corsConfiguration);
        return  source;

    }




}
